package com.gaoqi.springboot_shiro.config.shiro;

import com.gaoqi.springboot_shiro.config.shiro.cache.RedisCacheManager;
import com.gaoqi.springboot_shiro.config.shiro.realm.CustomerRealm;
import com.gaoqi.springboot_shiro.service.UserService;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.RedisTemplate;

import java.util.HashMap;

/**
 * springboot 整合shiro 框架配置
 */
@Configuration
public class shiroConfig implements ShiroConfigInterface {

    /**
     * 创建shiroFilter 需要配置 安全管理器 从ioc 容器中取出 参数自动注入
     */


    //过滤器
    @Bean
    public ShiroFilterFactoryBean getShiroFilter(DefaultWebSecurityManager defaultWebSecurityManager) {
        //shiroFilter 负责拦截所有请求
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //给shiroFilter 设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        System.out.println("======================开始过滤=========================");

        //配置系统公共资源 和受限资源 需要认证和授权
        HashMap<String, String> map = new HashMap<>();
        map.put("/user/log", "authc"); //anon  公共资源不需要授权
        map.put("/login.html", "anon");
        map.put("/test", "anon");
        map.put("/log", "authc");
        map.put("/loginOut", "anon");
        map.put("/Out.html", "anon");
        map.put("/regi.html", "anon");
        map.put("/**", "authc"); //authc 受限资源 需要授权
        shiroFilterFactoryBean.setLoginUrl("/error.html");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);

        //返回过滤器
        return shiroFilterFactoryBean;
    }

    /**
     * 创建安全管理器
     *
     * @param realm
     * @return
     */
    //安全管理器
    @Bean(name = "defaultWebSecurityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(Realm realm) {
        //安全管理器 用于认证 和授权
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();

        //给安全管理器设置realm
        defaultWebSecurityManager.setRealm(realm);
        return defaultWebSecurityManager;

        //只要有SecuirtyUtils shiroFilter 自动将安全管理器注入到 securityutils 中
    }


    /**
     * //创建 realm
     *
     * @return
     */
    //自定义realm
    @Bean(name = "realm")
    public Realm getRealm() {
        //获取自定义realm 对象
        CustomerRealm customerRealm = new CustomerRealm();

        //获取hash 认证匹配器
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        credentialsMatcher.setHashAlgorithmName("md5");
        credentialsMatcher.setHashIterations(1024);

        //为realm 对象注入hash 认证匹配器
        customerRealm.setCredentialsMatcher(credentialsMatcher);

        /*******************************************/
        System.out.println("==================开启缓存认证管理======================");
        //开启缓存管理
        customerRealm.setCacheManager(new RedisCacheManager());
        customerRealm.setCachingEnabled(true);//开启全局缓存
        customerRealm.setAuthenticationCachingEnabled(true);//开启认证缓存
        customerRealm.setAuthenticationCacheName("AuthenticationCache");//设置认证缓存名
        customerRealm.setAuthorizationCachingEnabled(true);//开启授权缓存
        customerRealm.setAuthorizationCacheName("AuthorizationCache");//设置授权缓存名

        //返回realm 对象
        return customerRealm;
    }
}
